parsel@0.2.0 vulnerabilities
Encrypt and decrypt data with a given key.
-
latest version
0.3.0
-
first published
12 years ago
-
latest version published
9 years ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the parsel package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
parsel is a library that allows you to encrypt and decrypt data with a given key. Affected versions of this package are vulnerable to Insecure Encryption. In cases where an initialisation vector is not supplied to the encrypt or decrypt call in How to fix Insecure Encryption? There is no fixed version for |
>=0.0.0
|
parsel is a library that allows you to encrypt and decrypt data with a given key. Affected versions of this package are vulnerable to Insecure Encryption. It contains a weak key derivation function, in which a key of arbitrary length is run through one round of SHA256 to gain key material of the correct length. This allows for the use of weak key material without appropriate key stretching. How to fix Insecure Encryption? There is no fixed version for |
>=0.0.0
|